Sign-up

VARIoT news about IoT security

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trust: 3.5

Fetched: Jan. 16, 2024, 10:14 a.m., Published: Jan. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: filezilla model: server
vendor: trend model: antivirus
vendor: trend model: security
vendor: trend micro model: antivirus
vendor: trend micro model: security
db: NVD ids: CVE-2023-36025

Industrial Cybersecurity Predictions for 2024 - Part 2 | Manufacturing.net

Trust: 3.75

Fetched: Jan. 16, 2024, 10:11 a.m., Published: Jan. 4, 2024, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: trend model: security

Bosch thermostats vulnerable to malware attacks | SC Media

Trust: 3.0

Fetched: Jan. 16, 2024, 10:05 a.m., Published: Jan. 15, 2024, 7:24 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-201809-0386, VAR-202302-1400, VAR-201809-0391, VAR-201905-0935, VAR-201901-0832, VAR-201905-0936, VAR-201901-0831, VAR-202003-0929, VAR-201809-0385, VAR-201809-0818, VAR-201908-0931, VAR-202001-0764, VAR-202003-0926, VAR-201809-0392, VAR-201809-0390, VAR-201809-0389, VAR-201901-0833, VAR-201908-0932, VAR-201901-0830, VAR-202202-1057, VAR-202001-0765, VAR-202003-0927, VAR-202003-0928, VAR-201901-0834, VAR-202001-0767, VAR-201908-0936, VAR-201908-0933, VAR-201809-0817, VAR-201910-0880, VAR-201808-0273, VAR-201809-0387, VAR-201809-0388, VAR-202001-0522, VAR-202001-0768

Trust: 4.5

Fetched: Jan. 16, 2024, 10:04 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: privilege escalation, file inclusion, directory traversal...
Affected productsExternal IDs
vendor: google model: android
vendor: ricoh model: d2200
vendor: ricoh model: sp_c250dn_firmware
vendor: ricoh model: sp 221sf
vendor: ricoh model: d7500
vendor: ricoh model: sp 220snw
vendor: ricoh model: ricoh sp c250dn
vendor: ricoh model: mp c406z
vendor: ricoh model: mp c4504ex
vendor: ricoh model: sp 220sfnw
vendor: ricoh model: sp 4510sf printer
vendor: ricoh model: rpcs raster driver
vendor: ricoh model: postscript3 driver
vendor: ricoh model: sp_c250sf_firmware
vendor: ricoh model: d5500
vendor: ricoh model: sp 330sn
vendor: ricoh model: rpcs driver
vendor: ricoh model: sp 4510dn
vendor: ricoh model: aficio mp
vendor: ricoh model: sp 221s
vendor: ricoh model: d6500
vendor: ricoh model: d5520
vendor: ricoh model: mp c6503
vendor: ricoh model: mp c307
vendor: ricoh model: sp 221sfnw
vendor: ricoh model: ricoh sp 4510sf printer
vendor: ricoh model: mp c6503 plus
vendor: ricoh model: generic pcl5 driver
vendor: ricoh model: d6510
vendor: ricoh model: d8400
vendor: ricoh model: mp c1803 jpn
vendor: ricoh model: sp c250dn
vendor: ricoh model: pcl6 driver
vendor: ricoh model: ricoh mp c1803 jpn
vendor: ricoh model: pc fax generic driver
vendor: ricoh model: mp 501
vendor: ricoh model: ricoh interactive whiteboard d2200
vendor: ricoh model: sp 221snw
vendor: ricoh model: sp 4510sf
vendor: ricoh model: mp c6003
vendor: ricoh model: sp 4520dn
vendor: ricoh model: mp c2003
vendor: ricoh model: interactive whiteboard d2200
vendor: ricoh model: d5510
db: NVD ids: CVE-2018-17310, CVE-2022-43969, CVE-2018-17315, CVE-2019-11844, CVE-2018-16186, CVE-2019-11845, CVE-2018-16185, CVE-2019-14303, CVE-2018-17309, CVE-2018-17002, CVE-2019-14305, CVE-2019-14304, CVE-2019-14309, CVE-2018-17316, CVE-2018-17314, CVE-2018-17313, CVE-2018-16187, CVE-2019-14307, CVE-2018-18006, CVE-2018-16184, CVE-2010-5325, CVE-2021-33945, CVE-2019-14306, CVE-2015-6750, CVE-2019-14310, CVE-2019-14299, CVE-2018-16188, CVE-2019-14301, CVE-2019-14300, CVE-2019-14308, CVE-2019-20001, CVE-2018-17001, CVE-2012-5002, CVE-2019-18203, CVE-2018-15884, CVE-2018-17311, CVE-2018-17312, CVE-2019-19363, CVE-2019-7751, CVE-2019-14302

CVE-2023-42134 - vulnerability database | Vulners.com

Trust: 3.25

Fetched: Jan. 16, 2024, 10:04 a.m., Published: Jan. 15, 2024, 2:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-42134

Samsung releases its January security patch to Galaxy devices with over 70 bug fixes - PhoneArena

Trust: 3.75

Fetched: Jan. 16, 2024, 10:03 a.m., Published: Jan. 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung mobile
db: NVD ids: CVE-2022-40507

CVE - CVE-2023-20869

Trust: 3.25

Fetched: Jan. 16, 2024, 9:56 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-20869

Another Barracuda ESG zero-day flaw exploited in the wild | TechTarget

Trust: 5.25

Fetched: Jan. 16, 2024, 9:55 a.m., Published: Dec. 27, 2023, midnight
 Vulnerabilities: command injection, code execution, remote command injection
Affected productsExternal IDs
vendor: barracuda networks model: barracuda
vendor: barracuda model: barracuda
vendor: google model: nexus
db: NVD ids: CVE-2023-7101, CVE-2023-7102, CVE-2023-2868

10 Types of Security Incidents and How to Handle Them | TechTarget

Trust: 3.5

Fetched: Jan. 16, 2024, 9:54 a.m., Published: Jan. 10, 2024, midnight
 Vulnerabilities: privilege escalation, session hijacking, sql injection...
Affected productsExternal IDs

CVE-2023-50916 - vulnerability database | Vulners.com

Trust: 3.25

Fetched: Jan. 16, 2024, 9:53 a.m., Published: Jan. 10, 2024, 7:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

Bosch Rexroth Vulnerabilities May Halt Production, Compromise Safety

Trust: 4.25

Fetched: Jan. 16, 2024, 9:36 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: request forgery, cross-site scripting, buffer overflow...
Affected productsExternal IDs
vendor: bosch rexroth model: nexo
vendor: bosch model: nexo
db: NVD ids: CVE-2023-48255, CVE-2023-48261, CVE-2023-48266, CVE-2023-48246, CVE-2023-48249, CVE-2023-48243, CVE-2023-48250, CVE-2023-48254, CVE-2023-48252, CVE-2023-48244, CVE-2023-48263, CVE-2023-48242, CVE-2023-48259, CVE-2023-48264, CVE-2023-48257, CVE-2023-48251, CVE-2023-48248, CVE-2023-48245, CVE-2023-48258, CVE-2023-48247, CVE-2023-48253, CVE-2023-48265, CVE-2023-48256, CVE-2023-48262, CVE-2023-48260

Kaspersky exposed iPhone vulnerability at heart of Operation Triangulation

Trust: 3.75

Fetched: Jan. 16, 2024, 9:36 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: apple tv
vendor: apple model: macos
vendor: apple model: watch
db: NVD ids: CVE-2023-38606, CVE-2023-32435, CVE-2023-41990, CVE-2023-32434

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-200903-0335, VAR-201109-0130, VAR-201303-0226, VAR-200903-0332, VAR-201202-0054, VAR-201008-0131, VAR-200904-0328, VAR-201008-0028

Trust: 4.25

Fetched: Jan. 16, 2024, 9:35 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: access violation, information disclosure, double dereference...
Affected productsExternal IDs
vendor: squid model: squid
vendor: delegate model: delegate
vendor: moonlight model: moonlight
vendor: qbik model: wingate
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2009-0803, CVE-2017-0014, CVE-2016-3367, CVE-2009-0804, CVE-2015-6114, CVE-2015-6165, CVE-2011-3389, CVE-2017-0108, CVE-2015-2464, CVE-2009-2497, CVE-2013-3896, CVE-2015-1671, CVE-2013-3129, CVE-2013-0074, CVE-2012-0159, CVE-2015-2435, CVE-2011-1844, CVE-2018-15659, CVE-2009-0802, CVE-2017-0283, CVE-2015-2463, CVE-2009-0801, CVE-2013-3178, CVE-2015-2456, CVE-2012-0014, CVE-2015-6166, CVE-2010-1898, CVE-2009-1211, CVE-2015-2455, CVE-2016-3209, CVE-2014-4589, CVE-2010-0019, CVE-2011-1253, CVE-2016-0034, CVE-2013-3131, CVE-2011-1845, CVE-2015-6108, CVE-2011-2632, CVE-2011-0664, CVE-2010-4254, CVE-2015-1715, CVE-2014-0319, CVE-2012-2292, CVE-2012-0176, CVE-2020-11414, CVE-2017-8528

Over 178,000 SonicWall Firewalls Exposed to Potential Hacks Due to Unpatched Vulnerabilities - VULNERA

Trust: 4.75

Fetched: Jan. 16, 2024, 9:33 a.m., Published: Jan. 15, 2024, 9:33 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2023-0656, CVE-2022-22274

CVE-2023-49107 - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Jan. 16, 2024, 9:32 a.m., Published: Jan. 16, 2024, 1:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hitachi model: device manager
vendor: hitachi model: hitachi device manager
db: NVD ids: CVE-2023-49107

50 Web Security Stats You Should Know In 2024 | Expert Insights

Trust: 3.75

Fetched: Jan. 16, 2024, 9:26 a.m., Published: Jan. 10, 2024, 4:56 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: home

Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

Trust: 3.0

Fetched: Jan. 16, 2024, 9:25 a.m., Published: Jan. 16, 2024, 6:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-49722

Google MultiLogin exploit enables persistent unauthorized access

Trust: 4.5

Fetched: Jan. 16, 2024, 9:23 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: barracuda model: barracuda
vendor: google model: chrome
db: NVD ids: CVE-2023-7101, CVE-2023-7102

Juniper Fixes Critical Vulnerability in Firewalls and Switches - Lansweeper

Trust: 3.0

Fetched: Jan. 16, 2024, 9:22 a.m., Published: Feb. 15, 2023, 7:39 a.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-21591

Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks

Trust: 5.5

Fetched: Jan. 16, 2024, 9:21 a.m., Published: Jan. 5, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: exynos
vendor: samsung model: galaxy
vendor: samsung model: mobile devices
vendor: samsung model: notes
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2023-24033, CVE-2023-26496, CVE-2023-26497, CVE-2023-26498